Archive for August, 2015

A data breach can be defined as unauthorized access to, viewing of, or retrieval of data from a database, application or program. The attack is carried out to steal, manipulate or use information for malicious purposes. Data breaches usually target large organizations and businesses in order to steal sensitive, confidential or patented information.

A data breach typically takes place in the following stages:

Research: After deciding on a target, the cyber criminals look for network security flaws that can be exploited. This involves researching the kind of infrastructure a company has.

Attack: When the weaknesses have been identified, the hacker initiates a data breach either as a social attack or a network-based attack. In the former, social engineering methods are used to compromise the target’s network. This may include spam emails, malware-infected IM attachments, installing programs with malicious code, etc. A network-based attack, on the other hand, is when the cyber criminals use vulnerability exploitation, SQL injection or session hijacking to access the network on which the target computer is operating.

Exfiltration: Once the attack is successful, the hacker can easily extract the important data and transfer it to another system. This data may be used either for malicious purposes or to carry out another attack.

Tips To Prevent Data Breach

Be Careful With Passwords: Make sure you do not store passwords for any websites or servers. You should also avoid using the same password for any two accounts. Also, consider using two-factor authentication for all accounts that contain sensitive business information. You will then require a password along with a personal authentication method, such as an OTP or a biometric scan, to access the account.

Use Data Encryption: You must mandate encryption of all personal or official information that is transmitted over the organization’s internet network. The IT staff should be directed to encrypt all software and hardware at all times, including the devices issued to the employees.

Outsource Payment Processing: In order to safeguard your customers’ financial data, you should consider outsourcing your payment processing system. Whether it is for point-of-sale or online banking, hiring a credible PCI compliant dealer will ensure better and dedicated protection of the data.

Educate Employees: You must implement the organization's data security policy and make sure the employees know about it. Restrict the use of computers to official purposes only and block access to unsuitable websites. You must also educate the employees about their responsibilities with regard to protecting and maintaining the confidentiality of any information.

We, at Centex Technologies, provide complete data security solutions to the businesses in Central Texas. For more information, you can call us at (855) 375 – 9654.

Microsoft operating system updates are designed to resolve issues with the previous version as well as to make computing easier for end users. In keeping with this, Windows 10 comes with many new features and applications to improve functionality. As far as security is concerned, this latest OS comes pre-loaded with several updates in order to protect users from hacking attacks.

Here are some of the important features in Windows 10 that can enhance user security:

Two-Factor Authentication: Windows 10 has incorporated two essential safety features to protect the privacy of users: Windows Hello and an update of Windows Passport. The former involves a two-factor authentication method for users to view any stored data. They will be required to enter one validation element as well as a PIN number or a biometric feature such as a retina or fingerprint scan. Taking it a step further, Windows Passport allows users to enter the biometric authentication element to access the entire system. This eliminates the need to remember easy-to-hack passwords.

“On-The-Fly” Encryption: For people who use personal devices for work, this feature will provide additional security to safeguard their office data. The encryption feature called ‘Data Loss Prevention’ will recognize the data associated with your work, separate it from other files and encrypt it using the updated version of ‘BitLocker’. Anything found to be work-related is placed into a safer portal.

Device Guard: This feature in Windows 10 will help to determine if a file is safe or contains any sort of malware. Device Guard will quickly scan all the programs and data to detect any potential threat. If one is found, the user will be alerted and left to decide whether to open the file or not.

Edge Browser: With Windows 10, Microsoft is also releasing its improved and safer browser, Edge. Initially named Project Spartan, Edge is designed to make up for the security flaws in Internet Explorer. The browser will allow users to access websites through their Windows Passport authentication code instead of passwords. Additionally, Edge will not support ActiveX updates and will work in a sandbox mode to protect against malware or hacking attacks.

Automatic Antivirus Update: Installing Windows 10 will also automatically update your antivirus software. Your previous antivirus will be removed and then re-installed at the latest version with updated malware, virus and spyware definitions. In case your antivirus subscription has ended, the system will install Windows Defender.

The safety features in Windows 10 will be of great help to large business firms in managing a complex networking infrastructure and maintaining IT security.

Apple devices have long been known to be secure against virus and malware attacks. However, a team of security researchers has claimed to have discovered the first firmware worm, Thunderstrike 2, which can spread between different Mac computers without any internet connection. The recently discovered firmware attack is a sequel to Thunderstrike, a proof-of-concept Mac vulnerability found earlier this year.

The Thunderstrike 2 virus was created by Trammell Hudson, a security engineer, and Xeno Kovah, owner of the firmware security consultancy LegbaCore. The virus infects Mac computers at the firmware level, which makes it resistant to security and software updates.

How Does Thunderstrike 2 Work?

Unlike the initial version of the virus, Thunderstrike 2 can infect a Mac computer undetectably through a malicious email or website and hide inside the firmware. Once the system is infected, the virus can easily replicate itself to other Macs by way of several peripheral devices such as Apple Thunderbolt connected to the USB or Ethernet port, RAID controllers, external hard drives, etc. The virus is capable of targeting air-gapped systems that are difficult to infect through active network connections.

According to Xeno Kovah, “The Thunderstrike 2 attack is really hard to detect and it can be difficult for the users to safeguard their Mac computers against a virus operating at the firmware level. For most users, the situation might even make the users dispense with their systems as they do not have the wherewithal to physically open up the system and re-encode the firmware chip.”

He adds, “People are not aware that these small peripheral devices actually have the potential to infect their firmware. A worm started from another corner of the world and spreading very low and slow can easily get into their systems. If they are unaware about the security threats present at this level, they are more likely to get the virus that can completely sabotage their system.”

How To Remove The Virus?

According to the security researchers, the virus can only be removed at the hardware level of the Mac computers, which makes the entire process quite complex. Apple has already been notified about the firmware virus, but the company has not yet fixed the vulnerabilities that can allow similar types of attacks on Macs.

In the meantime, users are advised not to click on links, download files or install plugins from unreliable sources.

A zero-day attack can be defined as an attempt to exploit an unpatched software vulnerability before it becomes known to the vendor or user. Cybercriminals can initiate this attack with the aim of downloading malware, phishing software or any other code and using it for malicious purposes. As a zero-day attack involves exploiting an unknown flaw in the software, it often creates a ‘vulnerability window’, which refers to the time elapsed between the identification of the exploit and the installation of a patch to fix it.

Types Of Zero-Day Attacks

Cyber criminals may launch a zero-day attack in any of the following ways:

Websites: If you have installed flawed software on your system and you visit a malware-infected website, the hackers get an easy opportunity to manipulate the vulnerability. The security fault can be present either in your browser files or in your computer.

Inferior Software: Zero-day attacks can also misuse poorly designed software. These types of applications usually contain different vulnerabilities that can be easily manipulated for malicious use. Through zero-day attacks, hackers may exploit common file types in order to steal confidential data or damage the system altogether.

Emails: The attack can also be initiated when a user clicks on a malware-infected email attachment. Once the file is downloaded, the bug can exploit any security flaws in either the email software or the computer system.

Tips To Prevent Zero-Day Attacks

Internet browsers and operating systems are the most significant vectors for zero-day attacks. You should frequently update your browser and implement the maximum security settings possible. You can either set your browser to download and install updates automatically or do so manually as soon as they are officially released.

Always stay alert for any updates or security patches announced for the software installed on your system.

If you use an open Wi-Fi network, you are at a higher risk for zero-day attacks. As the information shared over these connections is not properly encrypted, your device may be exposed to various security threats. Make sure you do not download any files or share sensitive information over such networks.

Perform a regular scan of your system for viruses, malware and other faulty software. You should also clear your browser's cache and cookies from time to time. Changing passwords for all your online accounts, such as email ids, net banking, social media, etc., can also help to protect against zero-day attacks.

We, at Centex Technologies, provide complete cybersecurity solutions in Central Texas. For more information, you can call us at (855) 375 – 9654.

Author

Abdul Subhani

I am the President & CEO of Centex Technologies, Microsoft Small Business Specialist, Certified E-Commerce Consultant, Certified Ethical Hacker, Certified Fraud Examiner, Virtual Instructor and an IT Consultant/Speaker on IT Security, Networking, Small Business Architect, & SEO Internet Marketing.